The error, Credentials not valid at LDAP server – 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 52e, v1771, is displayed in the LDAP configuration window when attempting to either test a user under the Test tab or when trying to auto-configure LDAP users and user groups under the Directory tab.
When configuring your SonicWall with an LDAP server, the user entered under Login user name under Manage | Users | Settings | Configure LDAP | Edit your LDAP server | Login/Bind Tab makes a Bind request. This request could fail if the username, password or the directory entered under User tree for login to server is incorrect.
Check the following to correct this issue:
- That the Login user name on the Manage | Users | Settings | Configure LDAP | Edit your LDAP server | Login/Bind Tab (if Give login name/location in tree is selected) is the display name and not the username. For example, John Doe is a display name and john.doe is the username.
- That the above user is in the directory entered under User tree for login to server. This is normally the Users directory.
- Ensure that the password entered is correct.
Note: The user to bind to the LDAP server could be a normal domain user and need not be an administrator.
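The `data` value in the error text is a hexadecimal Windows logon error code, so decoding it shows whether a failed bind points at the Login/Bind settings checked above or at the state of the account itself. The following Python is an added example, not SonicWall code; the function and variable names are hypothetical, and the table lists the Win32 logon error codes that Active Directory reports in this field.

```python
import re

# Win32 logon error codes that Active Directory puts in the "data" field of a
# failed bind (hex in the message, decimal in the Windows error tables).
AD_BIND_DATA = {
    0x525: "ERROR_NO_SUCH_USER",
    0x52E: "ERROR_LOGON_FAILURE",
    0x530: "ERROR_INVALID_LOGON_HOURS",
    0x531: "ERROR_INVALID_WORKSTATION",
    0x532: "ERROR_PASSWORD_EXPIRED",
    0x533: "ERROR_ACCOUNT_DISABLED",
    0x701: "ERROR_ACCOUNT_EXPIRED",
    0x773: "ERROR_PASSWORD_MUST_CHANGE",
    0x775: "ERROR_ACCOUNT_LOCKED_OUT",
}
# Codes that point at the values typed on the Login/Bind tab (name, tree,
# password) rather than at the state of the account in the directory.
BIND_SETTING_CODES = {0x525, 0x52E}

DIAG = re.compile(
    r"(?P<status>[0-9A-Fa-f]{8}):\s*LdapErr:\s*(?P<dsid>DSID-[0-9A-Fa-f]+),"
    r"\s*comment:\s*(?P<comment>[^,]+),\s*data\s+(?P<data>[0-9A-Fa-f]+),"
    r"\s*v(?P<build>[0-9A-Fa-f]+)"
)

def parse_bind_error(message):
    """Return the decoded fields of an AD bind diagnostic, or None if absent."""
    m = DIAG.search(message)
    if m is None:
        return None
    code = int(m.group("data"), 16)
    return {
        "status": m.group("status"),
        "dsid": m.group("dsid"),
        "comment": m.group("comment").strip(),
        "win32": code,
        "name": AD_BIND_DATA.get(code, "UNKNOWN"),
        "check_bind_settings": code in BIND_SETTING_CODES,
    }

# First entry is the diagnostic quoted on this page; the others are constructed.
SAMPLES = [
    "80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, "
    "data 52e, v1771",
    "80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, "
    "data 775, v1771",
    "LDAP server did not respond",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(parse_bind_error(line))
```

For the message on this page, `data 52e` decodes to 1326 (`ERROR_LOGON_FAILURE`), which is why the checks above concentrate on the login name, user tree and password.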
Case Sensitivity is important
The checkbox in the main User Settings area that says “Case sensitive usernames” will need to be unchecked. The issue can arise when the user accounts are set up and written in “John.Doe” format and in SonicWall the username is written differently, such as “john.doe”. Case-sensitivity never matters when using AD/Windows authentication, but it certainly does with raw LDAP.